Re: How to setup Trust to DMZ traffic no source IP translate?

Expanding on mehdi's comments ... to prevent source IP translation from the trust to either dmz or untrust, you need to enable route mode on the interface bound to trust zone. In fact, I recommend configuring all interfaces to route mode, and if you need NAT, then do that at the policy level. For each policy you need the IP to be NAT'd, you simply specify nat src per policy. This gives you much more flexibility.